Port-80 Delivery of Advanced Evasion Techniques

Stonesoft describes how Advanced Evasion Techniques are being delivered over the HTTP protocol, thereby increasing the threat level

Network security vendor Stonesoft has announced the discovery that Advanced Evasion Techniques (AETs) are deliverable over HTTP on port 80, making them a very real and credible threat to the security of organisations worldwide.

Stonesoft announced its discovery of AETs in October 2010. AETs are essentially a new category of cyber-attacks, which provide cybercriminals with a master key to access vulnerable systems. Using AETs, malware can be disguised so it looks safe and then delivered past security appliances completely undetected.

Since the initial discovery, Stonesoft has carried out extensive research into the threat category and is currently the lead researcher in that area.

The most recent discovery reveals that AETs can also be deployed over the HTTP protocol and will not be blocked by firewalls. Until recently, AETs have been viewed as an internal threat that operates only inside a network and affects only IPS appliances. However, this recent research has revealed they can also bypass firewalls and be deployed externally across web traffic.

“We are increasingly seeing evidence of AETs being used in the wild and the threat they pose to organisations worldwide is growing. Recent research has revealed that AETs are deliverable across HTTP protocol, amongst others, and this essentially means that any company with a connection to the internet is at risk of the threat. There seems to be a common misconception that AETs are an internal threat but this has been proven not to be the case. It is important to note when AETs are delivered via HTTP (web) they are able to bypass firewalls and IPS devices; this is clear evidence that they can originate and be deployed from outside the corporate network,” said Professor Andrew Blyth, Head of Advanced Technology at The University of Glamorgan, UK.

This revelation makes the threat posed by AETs more real than was previously estimated. Stonesoft urges network security vendors to wake up from their complacency.